Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BMw3783xn4-FadvD4UsxJb5pI64.roa
File: BMw3783xn4-FadvD4UsxJb5pI64.roa (raw, json)
Hash identifier: yA6p6qNZuT+FsQYxcicGR2hHSLLFBdtFJ48rhyR0xYk=
Subject key identifier: 04:CC:37:EF:CD:F1:9F:8F:85:69:DB:C3:E1:4B:31:25:BE:69:23:AE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFC7F5A1D3362D8941D625D40C24AA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BMw3783xn4-FadvD4UsxJb5pI64.roa
Signing time: Sun 01 Jan 2023 18:54:51 +0000
ROA not before: Sun 01 Jan 2023 18:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150303
IP address blocks: 84.32.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c7:f5:a1:d3:36:2d:89:41:d6:25:d4:0c:24:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04cc37efcdf19f8f8569dbc3e14b3125be6923ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fa:d5:3c:05:61:5c:08:66:d5:1b:50:15:94:
de:80:89:a2:7d:38:27:d6:90:5b:ba:d8:ff:05:dc:
ea:30:cd:ed:04:eb:4b:89:80:60:03:45:1a:b2:1f:
33:69:df:e8:c8:d5:16:00:38:33:22:7b:3b:b2:f2:
df:96:60:3f:0e:b7:1b:94:7c:16:a9:d9:22:02:ab:
b4:d2:13:5d:72:04:f7:6d:d9:da:23:bf:f1:ef:f9:
3f:a1:66:30:5d:c3:ef:9e:08:72:14:70:9c:6d:95:
97:c7:f3:8c:5d:56:20:ed:2f:60:cc:64:c3:36:c8:
05:ae:73:ee:01:66:df:ce:f8:4f:62:f0:2c:ea:b8:
d5:f2:0e:b3:46:05:f5:65:4a:90:b5:28:9f:07:48:
8c:2c:20:22:ce:8a:d0:36:68:79:00:46:1d:74:e9:
76:c2:fa:2e:e2:ad:97:e1:2b:0e:e8:72:2e:a4:ae:
a2:3d:ff:21:8b:b4:43:99:37:78:be:5a:a8:b1:a4:
4f:ea:f6:cd:60:bc:95:77:51:73:d7:52:4d:03:2c:
f5:fc:be:27:ce:a0:7d:fb:4f:47:5d:10:c0:dc:73:
e5:d1:24:94:72:ab:94:12:99:b0:4e:2c:90:ff:43:
c3:f7:ec:ea:c7:f4:46:85:fa:d8:07:02:49:1c:6f:
3c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CC:37:EF:CD:F1:9F:8F:85:69:DB:C3:E1:4B:31:25:BE:69:23:AE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BMw3783xn4-FadvD4UsxJb5pI64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5f:84:bd:46:ac:9e:83:a9:0e:c3:bd:be:53:05:ac:77:d5:
60:bc:f3:e9:75:38:38:62:62:91:db:21:4b:fb:b8:ac:6b:05:
bc:99:0e:64:23:a7:d3:06:e9:17:19:5a:40:bb:77:b2:0f:ca:
4f:dd:a9:85:75:43:c1:55:40:a0:4d:15:c5:ca:f4:1a:ed:4b:
0b:a3:61:79:9a:80:b9:1f:49:a7:c9:07:ba:1e:b0:79:3e:dc:
ec:42:55:46:c8:1f:26:a9:9b:39:23:a5:d9:7b:71:d2:5f:16:
17:a9:e6:f5:91:05:07:1f:f2:f0:c9:1f:fc:92:d9:d2:a3:ae:
b0:6c:f1:e1:4b:fa:9c:6c:7a:93:a0:28:d8:de:b2:59:51:b1:
18:d2:56:80:ab:18:bc:40:67:da:70:42:11:3b:d0:90:88:0e:
93:8e:d9:51:0d:aa:98:b0:52:c9:5e:ff:04:b3:a4:04:8e:5d:
d2:fc:6c:24:da:15:e4:77:cb:6f:24:c5:6a:9a:8c:83:88:ca:
9c:68:c5:1e:18:88:af:32:67:80:75:e3:86:b7:ab:80:8d:6a:
33:a1:dd:ab:47:b0:42:e3:12:0a:b2:4e:9a:d5:fa:ec:e7:5d:
9b:b6:0f:ee:7b:76:54:81:0c:70:71:3d:bf:63:35:8f:48:c0:
8a:54:45:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8f1odM2LYlB1iXUDCSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNjMzdlZmNkZjE5ZjhmODU2OWRiYzNlMTRiMzEyNWJlNjkyM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vrVPAVhXAhm1RtQFZTegImifTgn
1pBbutj/BdzqMM3tBOtLiYBgA0Uash8zad/oyNUWADgzIns7svLflmA/DrcblHwW
qdkiAqu00hNdcgT3bdnaI7/x7/k/oWYwXcPvnghyFHCcbZWXx/OMXVYg7S9gzGTD
NsgFrnPuAWbfzvhPYvAs6rjV8g6zRgX1ZUqQtSifB0iMLCAizorQNmh5AEYddOl2
wvou4q2X4SsO6HIupK6iPf8hi7RDmTd4vlqosaRP6vbNYLyVd1Fz11JNAyz1/L4n
zqB9+09HXRDA3HPl0SSUcquUEpmwTiyQ/0PD9+zqx/RGhfrYBwJJHG88pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATMN+/N8Z+PhWnbw+FLMSW+aSOuMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQk13Mzc4M3huNC1GYWR2RDRVc3hKYjVwSTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBOMA0G
CSqGSIb3DQEBCwUAA4IBAQCKX4S9Rqyeg6kOw72+UwWsd9VgvPPpdTg4YmKR2yFL
+7isawW8mQ5kI6fTBukXGVpAu3eyD8pP3amFdUPBVUCgTRXFyvQa7UsLo2F5moC5
H0mnyQe6HrB5PtzsQlVGyB8mqZs5I6XZe3HSXxYXqeb1kQUHH/LwyR/8ktnSo66w
bPHhS/qcbHqToCjY3rJZUbEY0laAqxi8QGfacEIRO9CQiA6TjtlRDaqYsFLJXv8E
s6QEjl3S/Gwk2hXkd8tvJMVqmoyDiMqcaMUeGIivMmeAdeOGt6uAjWozod2rR7BC
4xIKsk6a1frs512btg/ue3ZUgQxwcT2/YzWPSMCKVEVs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:45 2023 by rpki-client on console-fra.rpki-client.org